Found 89 Skills
Guidance for bypassing HTML/JavaScript sanitization filters in security testing contexts. This skill should be used when tasked with finding XSS filter bypasses, testing HTML sanitizers, or exploiting parser differentials between server-side filters and browsers. Applies to CTF challenges, authorized penetration testing, and security research involving HTML injection and JavaScript execution through sanitization bypasses.
Configures HTTP security headers to protect against XSS, clickjacking, and MIME sniffing attacks. Use when hardening web applications, passing security audits, or implementing Content Security Policy.
Identifies and fixes XSS, SQL injection, and command injection vulnerabilities with validation schemas, sanitization libraries, and safe coding patterns. Use for "input validation", "XSS prevention", "SQL injection", or "sanitization".
WeChat Mini Program development framework. Use for building WeChat mini apps, WXML templates, WXSS styles, WXS scripting, component development, and WeChat API integration.
Guides users through configuring Content Security Policy (CSP) in Tauri v2 applications to prevent XSS attacks and enhance security by restricting resource loading.
Drupal security expertise. Auto-activates when writing forms, controllers, queries, or handling user input. Prevents XSS, SQL injection, and access bypass vulnerabilities.
Security best practices for web applications. Use when handling user input, authentication, or sensitive data. Covers XSS, SQL injection, CSRF, environment variables, and secure coding patterns.
Guidance for filtering JavaScript and XSS attack vectors from HTML while preserving original formatting. This skill should be used when tasks involve removing script content, sanitizing HTML, filtering XSS payloads, or creating security filters that must preserve the original document structure unchanged.
Security patterns for web forms including autocomplete attributes for password managers, CSRF protection, XSS prevention, and input sanitization. Use when implementing authentication forms, payment forms, or any form handling sensitive data.
Audit frontend codebases for security vulnerabilities and bad practices. Use when performing security reviews, auditing code for XSS/CSRF/DOM vulnerabilities, checking Content Security Policy configurations, validating input handling, reviewing file upload security, or examining Node.js/NPM dependencies. Target frameworks include web platform (vanilla HTML/CSS/JS), React, Astro, Twig templates, Node.js, and Bun. Based on OWASP security guidelines.
Configure security headers to defend against clickjacking, XSS, MIME confusion, and SSL stripping attacks. Use this skill when you need to set up Content-Security-Policy, X-Frame-Options, HSTS, configure middleware headers, or understand browser security features. Triggers include "security headers", "CSP", "content security policy", "X-Frame-Options", "HSTS", "clickjacking", "MIME confusion", "middleware headers".
Framework-agnostic frontend security guide based on OWASP Secure Coding Practices. Covers XSS prevention, CSRF protection, Content Security Policy (CSP), secure cookie configuration, client-side authentication patterns, input validation, secure storage, and security headers. Activates for security audits, vulnerability reviews, or browser security questions in any web application. NOT for backend/NestJS security (use generating-nest-servers). NOT for Nuxt-specific implementation (use developing-lt-frontend).